Administering message-level security for JAX-WS web services

Web Services Security standards and profiles describe how to provide security and protection for SOAP messages that are exchanged in a web services environment. Using JAX-WS, development of web services and clients is simplified with greater platform independence for Java applications through the use of dynamic proxies and Java annotations.

  • Auditing the Web Services Security runtime

    Security auditing provides tracking and archiving of auditable events for the web services runtime operations. When security auditing is enabled for web services, the event generator utility collects and logs signing, encryption, security, authentication, and delegation events in audit event records. You can analyze the audit event records to identify possible security breaches or potential weaknesses in the security configuration of your environment.

  • Securing web services using policy sets

    Policy sets are assertions about how services are defined. They are used to simplify the quality of service configuration for web services.

  • Securing requests to the trust service using system policy sets

    WebSphere® Application Server provides message-level protection for its security token service, known as the WebSphere Application Server trust service. For the trust service, you must use a special class of policy sets known as system policy sets.

  • Configuring the Kerberos token for Web Services Security

    Use this topic to configure the Kerberos token for message-level Web Services Security.

  • Securing messages using SAML

    Configure policy sets, bindings, and SAML-specific tokens to secure web services and messages.

  • Configuring default Web Services Security bindings

    WebSphere Application Server provides support for a set of default Web Services Security bindings for applications. A set of bindings is a named object that is associated with a specific policy set and service resource attached to the policy set.

  • General JAX-WS default bindings for Web Services Security

    General bindings are used as the default bindings at the cell level or server level, or for multiple domains, at the domain level. The general bindings that are included with WebSphere Application Server are initially set as the default bindings. However, you can choose a different binding as the default, or change the level of binding that is used as the default, for example, from cell-level binding to server-level binding.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Feb 6, 2014 8:11:25 PM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-nd-mp&topic=container_wssec_admin_message_security_jaxws
File name: container_wssec_admin_message_security_jaxws.html